Posted: 29 Nov 2013 23:32
Addendum: 30 Nov 2013 0:31
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-29 23:34:37
-----------------------------
23:34:37.008 OS Version: Windows 6.1.7601 Service Pack 1
23:34:37.008 Number of processors: 2 586 0x2A07
23:34:37.010 ComputerName: JOCA UserName: user
23:34:37.753 Initialize success
00:22:05.528 AVAST engine defs: 13112901
00:23:27.424 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
00:23:27.426 Disk 0 Vendor: WDC_WD5000AAKX-00ERMA0 15.01H15 Size: 476940MB BusType: 3
00:23:27.530 Disk 0 MBR read successfully
00:23:27.533 Disk 0 MBR scan
00:23:27.596 Disk 0 Windows 7 default MBR code
00:23:27.598 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
00:23:27.656 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99899 MB offset 206848
00:23:27.703 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 376939 MB offset 204800000
00:23:27.738 Disk 0 scanning sectors +976771072
00:23:27.834 Disk 0 scanning C:\Windows\system32\drivers
00:23:41.706 Service scanning
00:23:53.824 Service MpKslc2508f26 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{24A8C13E-1D7F-4719-99E3-DDE7AF3EC550}\MpKslc2508f26.sys **LOCKED** 32
00:24:09.731 Modules scanning
00:24:16.333 Disk 0 trace - called modules:
00:24:16.345 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
00:24:16.345 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8625a778]
00:24:16.346 3 CLASSPNP.SYS[8a2f359e] -> nt!IofCallDriver -> [0x8616c918]
00:24:16.346 5 ACPI.sys[89b5a3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x8616a908]
00:24:16.876 AVAST engine scan C:\Windows
00:24:19.192 AVAST engine scan C:\Windows\system32
00:27:44.777 AVAST engine scan C:\Windows\system32\drivers
00:28:00.368 AVAST engine scan C:\Users\user
00:28:30.483 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
00:28:30.490 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"
Addendum: 30 Nov 2013 0:36
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-11-2013
Ran by user (administrator) on JOCA on 30-11-2013 00:32:18
Running from C:\Users\user\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Program Files\Bitt torent\BitTorrent.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-27] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\user\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-22] (Facebook Inc.)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-07-27] (AMD)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
MountPoints2: {e42627dc-1ec0-11e2-8b25-002522ed2c36} - F:\AutoRun.exe
MountPoints2: {e42627ee-1ec0-11e2-8b25-002522ed2c36} - F:\AutoRun.exe
MountPoints2: {e42627fc-1ec0-11e2-8b25-002522ed2c36} - F:\AutoRun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - 2CE2A75F7FF247E2AC669F227EA63399 URL = searchou.com/?q={searchTerms}&id=46220b6d000000000000002522ed2c36&affilt=5&r=937
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {832CAB9F-EFF2-496D-84BC-8AB74CD87105} URL = search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q={searchTerms}
SearchScopes: HKCU - {9AE289C1-DDCB-4B89-8887-175C5757C514} URL = search.yahoo.com/search?fr=chr-greentree_ie.....=198484&p={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.133.3.5 212.200.246.8
FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7xnnt43e.default
FF SearchEngineOrder.3: Bing
FF Homepage: user_pref("browser.startup.page", 1);user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7xnnt43e.default\searchplugins\privitize.xml
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7xnnt43e.default\Extensions\staged
FF Extension: iobitapps - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7xnnt43e.default\Extensions\iobitapps@mybrowserbar.com
FF Extension: torntv - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7xnnt43e.default\Extensions\torntv@torntv.com.xpi
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.rs/"
CHR DefaultSearchURL: (Delta Search) - www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=4622002522ED2C36&affID=123884&tsp=4955
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Installer) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijgflnaodjoadfpbnojecgdbjooffndj\1.0_0
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
========================== Services (Whitelisted) =================
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-08-25] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [173616 2007-02-08] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-04-12] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-05-25] (DT Soft Ltd)
S4 IObitUnlocker; C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [28016 2011-08-27] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-04-12] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-20] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MpKslc2508f26; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{24A8C13E-1D7F-4719-99E3-DDE7AF3EC550}\MpKslc2508f26.sys [40392 2013-11-29] (Microsoft Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2013-04-12] (Duplex Secure Ltd.)
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [13560 2006-11-03] (Cyberlink Corp.)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
U3 aswMBR; \??\C:\Users\user\AppData\Local\Temp\aswMBR.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-30 00:32 - 2013-11-30 00:33 - 00013216 _____ C:\Users\user\Desktop\FRST.txt
2013-11-30 00:32 - 2013-11-30 00:32 - 00000000 ____D C:\FRST
2013-11-30 00:29 - 2013-11-30 00:29 - 01092049 _____ (Farbar) C:\Users\user\Desktop\FRST.exe
2013-11-30 00:28 - 2013-11-30 00:28 - 00002139 _____ C:\Users\user\Desktop\aswMBR.txt
2013-11-30 00:28 - 2013-11-30 00:28 - 00000512 _____ C:\Users\user\Desktop\MBR.dat
2013-11-29 23:32 - 2013-11-29 23:33 - 04745728 _____ (AVAST Software) C:\Users\user\Desktop\aswMBR.exe
2013-11-29 23:31 - 2013-11-29 23:31 - 00014126 _____ C:\Users\user\Desktop\New Text Document.txt
2013-11-29 23:31 - 2013-11-29 23:31 - 00014126 _____ C:\Users\user\Desktop\AdwCleaner[S0].txt
2013-11-29 23:27 - 2013-11-29 23:27 - 00000056 _____ C:\Windows\setupact.log
2013-11-29 23:27 - 2013-11-29 23:27 - 00000000 _____ C:\Windows\setuperr.log
2013-11-29 23:25 - 2013-11-29 23:26 - 00000000 ____D C:\AdwCleaner
2013-11-29 19:35 - 2013-11-29 21:29 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2013-11-29 19:35 - 2013-11-29 19:35 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-29 16:43 - 2013-11-29 18:15 - 00000000 ____D C:\Users\user\AppData\Roaming\Bioshock
2013-11-29 16:43 - 2013-11-29 17:08 - 00000000 ____D C:\Users\user\Documents\Bioshock
2013-11-29 16:15 - 2013-11-29 16:15 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-11-29 16:15 - 2013-11-29 16:15 - 00000000 ____D C:\ProgramData\EA Core
2013-11-21 11:14 - 2013-11-21 11:14 - 00004734 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-11-21 11:14 - 2013-11-21 11:14 - 00000000 ____D C:\ProgramData\Oracle
2013-11-21 11:14 - 2013-11-21 11:14 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-21 11:14 - 2013-10-08 07:50 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-21 11:14 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-21 11:14 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-21 11:14 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-18 23:59 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-18 23:59 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-18 23:59 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-18 23:59 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-18 23:59 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-18 23:59 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-18 22:54 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-18 22:54 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-18 22:54 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-18 22:54 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-18 22:54 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-18 22:54 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-18 22:54 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-18 22:54 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-18 22:54 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-18 22:54 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-18 22:54 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-18 22:54 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-18 22:54 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-18 22:54 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-18 22:54 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
==================== One Month Modified Files and Folders =======
2013-11-30 00:33 - 2013-11-30 00:32 - 00013216 _____ C:\Users\user\Desktop\FRST.txt
2013-11-30 00:32 - 2013-11-30 00:32 - 00000000 ____D C:\FRST
2013-11-30 00:32 - 2012-12-29 11:34 - 00000000 ____D C:\Users\user\AppData\Roaming\BitTorrent
2013-11-30 00:31 - 2013-04-06 00:43 - 00000000 ____D C:\Users\user\Download
2013-11-30 00:29 - 2013-11-30 00:29 - 01092049 _____ (Farbar) C:\Users\user\Desktop\FRST.exe
2013-11-30 00:28 - 2013-11-30 00:28 - 00002139 _____ C:\Users\user\Desktop\aswMBR.txt
2013-11-30 00:28 - 2013-11-30 00:28 - 00000512 _____ C:\Users\user\Desktop\MBR.dat
2013-11-30 00:28 - 2012-10-20 08:05 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2013-11-30 00:21 - 2012-11-22 21:39 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-30 00:09 - 2012-10-20 08:06 - 00000000 ____D C:\Users\user\AppData\Roaming\Winamp
2013-11-29 23:35 - 2009-07-14 05:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-29 23:35 - 2009-07-14 05:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-29 23:33 - 2013-11-29 23:32 - 04745728 _____ (AVAST Software) C:\Users\user\Desktop\aswMBR.exe
2013-11-29 23:33 - 2010-11-20 22:01 - 00006230 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-29 23:31 - 2013-11-29 23:31 - 00014126 _____ C:\Users\user\Desktop\New Text Document.txt
2013-11-29 23:31 - 2013-11-29 23:31 - 00014126 _____ C:\Users\user\Desktop\AdwCleaner[S0].txt
2013-11-29 23:31 - 2013-06-27 09:51 - 01614651 _____ C:\Windows\WindowsUpdate.log
2013-11-29 23:28 - 2013-06-17 00:44 - 00000310 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-11-29 23:28 - 2012-11-22 21:39 - 00000878 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-29 23:27 - 2013-11-29 23:27 - 00000056 _____ C:\Windows\setupact.log
2013-11-29 23:27 - 2013-11-29 23:27 - 00000000 _____ C:\Windows\setuperr.log
2013-11-29 23:27 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-29 23:26 - 2013-11-29 23:25 - 00000000 ____D C:\AdwCleaner
2013-11-29 22:26 - 2013-07-22 15:21 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1259339928-1678280923-46337444-1000UA.job
2013-11-29 21:35 - 2013-01-25 15:03 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite
2013-11-29 21:29 - 2013-11-29 19:35 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2013-11-29 19:35 - 2013-11-29 19:35 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-29 18:15 - 2013-11-29 16:43 - 00000000 ____D C:\Users\user\AppData\Roaming\Bioshock
2013-11-29 17:08 - 2013-11-29 16:43 - 00000000 ____D C:\Users\user\Documents\Bioshock
2013-11-29 16:26 - 2013-07-22 15:21 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1259339928-1678280923-46337444-1000Core.job
2013-11-29 16:15 - 2013-11-29 16:15 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-11-29 16:15 - 2013-11-29 16:15 - 00000000 ____D C:\ProgramData\EA Core
2013-11-21 11:14 - 2013-11-21 11:14 - 00004734 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-11-21 11:14 - 2013-11-21 11:14 - 00000000 ____D C:\ProgramData\Oracle
2013-11-21 11:14 - 2013-11-21 11:14 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-21 11:14 - 2013-08-07 14:13 - 00000000 ____D C:\Program Files\Java
2013-11-20 16:27 - 2012-10-20 07:46 - 00000000 ____D C:\Windows\Panther
2013-11-20 16:26 - 2012-11-23 06:56 - 00000000 ____D C:\Program Files\CCleaner
2013-11-20 16:22 - 2013-01-18 18:48 - 00000000 ___RD C:\Program Files\Skype
2013-11-20 16:22 - 2012-10-20 08:05 - 00000000 ____D C:\ProgramData\Skype
2013-11-19 11:21 - 2012-11-21 09:38 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-19 10:05 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-11-19 04:00 - 2012-10-20 07:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-19 03:59 - 2013-02-05 09:21 - 00001945 _____ C:\Windows\epplauncher.mif
2013-11-19 03:59 - 2013-02-05 09:20 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-18 23:59 - 2013-07-18 22:28 - 00000000 ____D C:\Windows\system32\MRT
2013-11-18 23:57 - 2013-02-05 12:50 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-31 16:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 10:33
==================== End Of Log ============================
Addendum: 30 Nov 2013 0:38